httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <rpl...@apache.org>
Subject CVE-2005-2970 fixed in httpd 2.0.55
Date Mon, 31 Oct 2005 23:03:35 GMT
Hi,

I just noticed that it was missed to mention that CVE-2005-2970 has been fixed with httpd
2.0.55 (See the following
entry from 2.0.55 Changelog:

  *) worker MPM: Fix a memory leak which can occur after an aborted
     connection in some limited circumstances.  [Greg Ames]

)

The entry is missing in the Changelog (which cannot be changed any longer for 2.0.55,
btw: does it make sense to adjust this entry such that this hint will be included in
2.0.56?)
as well as on http://httpd.apache.org/security/vulnerabilities_20.html
As I see that the vulnerabilities files are basicly only adjusted by one person the question
for me is:
Should I add it or not?


Regards

RĂ¼diger

Mime
View raw message